Pirton, Hertfordshire, United Kingdom Hybrid / WFH Options
Picture More Ltd
role in protecting systems, data, and infrastructure across the firm's international footprint. This is a senior leadership role with a strong strategic remit and hands-on influence across governance, incident response, compliance, and risk. Key Responsibilities Lead the development and delivery of a global cyber security strategy Oversee threat detection, response, incident management, and governance Manage
SDLC Perform threat modeling and risk assessments to proactively identify potential risks and develop mitigation strategies Track, analyze, and manage vulnerabilities in applications, providing guidance for remediation efforts Support incident response by investigating and analyzing security incidents related to applications Stay current on the latest security threats, vulnerabilities, and technologies to enhance our security posture Your background looks … something like: Extensive experience in application security, cybersecurity, or related fields Strong understanding of secure coding practices, threat modeling, risk assessments, and incident response Proficiency in programming languages such as TypeScript, Python, or similar Experience with security tools, security protocols, encryption methods, and application security frameworks Experience with cloud security (we use AWS) Strong communication skills with the
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Embarcaderomediagroup
sit at the heart of our engineering operations, bringing together SRE principles and modern platform engineering practices. This includes combining principles of SRE - such as service-level reliability, observability, incident response - with platform engineering practices like GitOps, Infrastructure as Code, DevSecOps automation, and self-service enablement, to help development teams ship faster, safer, and more cost-efficiently. What … you'll be doing: Designing and operating highly reliable, scalable, and secure Azure-based platforms Applying SRE principles like SLOs, observability, and incident management to drive service reliability Building Infrastructure as Code using Terraform (v1.7+) and GitOps workflows Enabling teams through platform tools, reusable Terraform modules, and self-service infrastructure Enhancing CI/CD pipelines (Azure DevOps, YAML-based … services (SQL, Cosmos DB, ADF, Functions, Logic Apps, etc.) Improving monitoring and alerting with Datadog, Grafana, ELK, and proactive failure detection Participating in the on-call rota and leading incident response workflows and blameless postmortems Coaching engineers, upskilling teams, and contributing to a culture of continuous improvement Driving cost awareness through FinOps practices and automated budget controls What
Aldershot, Hampshire, South East, United Kingdom Hybrid / WFH Options
JLA Resourcing Ltd
reporting Implementing and maintaining endpoint security measures, including AV/anti-malware compliance Conducting system hardening and security compliance audits against frameworks like CIS, STIG, and NIST Contributing to incident response, forensic investigations, and remediation activities Assessing the security impact of changes, supporting secure design and assurance processes Producing and maintaining detailed security documentation (HLDs/LLDs, SOPs … you will need: Proven experience in a Cyber Security Engineering role, ideally within the defence or secure government sector Strong hands-on expertise across vulnerability management, endpoint protection, and incident response Familiarity with frameworks such as Government Functional Standard 007, CIS, STIG, and NIST A proactive, collaborative mindset with the ability to engage across multidisciplinary technical teams The
Stockport, Lancashire, United Kingdom Hybrid / WFH Options
zyncgroup.io
to the setup and ongoing enhancement of the Security Operations Center (SOC). Investigating security incidents and implementing effective countermeasures. Utilizing SOC tools such as SIEM, vulnerability scanners, and incident response solutions. Performing threat hunting by analyzing and assessing security events on central platforms. Documenting incidents thoroughly in ticketing and SIEM systems, and generating detailed reports. Monitoring systems … of offensive security concepts. Experience with programming languages such as Python and SQL. Minimum C1 level in German with good knowledge of English. Desirable skills: Experience working with Sophos. Incident response experience. Experience with malware analysis. Company benefits: Attractive salary. Strong progression plans. Excellent training opportunities and personal development. Opportunity to attain certifications. Work alongside an inclusive team
remote and is inside IR35 so will require working via an FCSA accredited umbrella company. Key Skills and experience: Establish an operational interlock with the CSMS and own security incident response and recovery on behalf of IBM as the supplier for PPB. Raise awareness to the CSMS ASAP on 24/7 basis. Advise on the sending of … appropriate log event data to the CSMS Develop incident response playbooks Design and implement SIOC processes to supplement the UK SOC monitoring service: * Ongoing tuning of QRadar * Threat Intelligence * Threat Hunting Implement vulnerability scanning using Tenable in AWS Design and Implement UK SOC monitoring service Due to the nature and urgency of this post, candidates holding or who
join our SRE team. In this role, you'll ensure the reliability, performance, and operability of our React-based user interfaces running on AWS and Kubernetes. You'll lead incident response for client-side issues, diagnose end-to-end failures in the stack, and build tooling to automate detection and self-healing. Key Responsibilities Incident Response … or deployment failures. Analyze browser logs, application metrics (e.g., Real User Monitoring), and backend traces to isolate root causes across React, Node.js services, AWS, and Kubernetes layers. Orchestrate post-incident reviews: document findings, define mitigation plans, and drive tickets to resolution. Reliability Engineering & Automation Develop and maintain robust observability for front-end components: integrate Datadog for observability. Define SLIs … Collaboration & Knowledge Sharing Serve as the React/SRE subject-matter expert: mentor engineers on best practices for building resilient front-ends. Produce and maintain runbooks, debugging guides, and incident-playbooks specific to client-side failures. Partner closely with wider backend SRE, DevOps, and product teams to ensure end-to-end reliability. Enhanced leave - 38 days inclusive of
Birmingham, West Midlands, United Kingdom Hybrid / WFH Options
Profectus
hiring for an experienced Business Development Manager for our market leading Cyber Security client. Our client specialises in offering Cyber Security Solutions, including but not limited to Pen Testing, Incident Response, Investigative Services and accreditations. If you have a passion for Cyber Security and a minimum of 2 years in Cyber Security sales then this could be the … pitches and proposals to target clients. Essentials: A minimum of 2 years exceeding targets in a Business Development role specifically within Cyber Security. Knowledge of Cyber Services, such as incident response, Pen Testing or Digital Forensics. A competitive and Goals driven mindset. Well versed in the use of CRM software and additional sales software tools. Minimum of
London, South East, England, United Kingdom Hybrid / WFH Options
Profectus Recruitment
hiring for an experienced Business Development Manager for our market leading Cyber Security client. Our client specialises in offering Cyber Security Solutions, including but not limited to Pen Testing, Incident Response, Investigative Services and accreditations. If you have a passion for Cyber Security and a minimum of 2 years in Cyber Security sales then this could be the … pitches and proposals to target clients. Essentials: A minimum of 2 years exceeding targets in a Business Development role specifically within Cyber Security. Knowledge of Cyber Services, such as incident response, Pen Testing or Digital Forensics. A competitive and Goals driven mindset. Well versed in the use of CRM software and additional sales software tools. Minimum of
strategic decisions and exercise sound legal judgment to develop proactive, risk-appropriate, and commercially business-oriented solutions. Among your tasks are the following: Providing counsel on all aspects of cybersecurity incident prevention and response, including customer and regulatory notifications, contractual obligations, and legal risk mitigation, to cyber and information security stakeholders. Advising business stakeholders on regulatory inquiries regarding cyber … Instructing Citi's Cybersecurity Fusion Center and Citi's business lines on legal risks associated with various components of Citi's cyber and information security program, including matters involving incident response strategies, incident investigations, and regulatory compliance. Tracking existing and proposed cybersecurity rules and regulations (such as DORA and the EU Cyber Resilience Act) and advising on
Lead Detection and Response Engineer. Locations: Edinburgh London 125 London Wall Leeds Wellington Place Bristol Manchester Westminster House. Time type: Full time. Posted yesterday. End Date: August 1, 2025 (13 days left to apply). Job requisition id: 138541. End Date Thursday 31 July … support flexible working. Flexible Working Options: Hybrid Working, Job Share. JOB TITLE: Lead Detection & Response Engineer SALARY: From £90,4440 depending on experience and location LOCATION(S): Leeds, Manchester, Bristol, London or Edinburgh HOURS: Full time (This role will include a requirement to work … step ahead of cyber adversaries. We pride ourselves on our innovative approach and our commitment to excellence in cyber security. Join us as a skilled and proactive Lead Detection & Response Engineer in our Cyber Defence Centre. This role involves leading our Detection & Response Engineering team, managing team performance and development, and driving strategic projects that enhance our cyber
Bath, Somerset, United Kingdom Hybrid / WFH Options
Bmt Defence Services LTD
organisational environments such as enterprise, edge/deployed environments or cloud. Demonstrable knowledge of cyber detection (e.g., threat identification/intelligence, real-time monitoring, anomaly detection) and cyber response (e.g. incident response, eradication and remediation, recovery, post-incident analysis). DevSecOps. Zero Trust Architecture (ZTA) expertise for enterprise, cloud and air-gapped environments along with
Chesterfield, Derbyshire, East Midlands, United Kingdom Hybrid / WFH Options
Hays
and mitigating potential risks. You will oversee information security, compliance, and risk management practices based on industry-accepted information security and risk management frameworks, whilst establishing and maintaining an incident response plan, including incident detection, response, investigation, and resolution, to minimise the impact of security incidents. What you'll need to succeed Demonstrable experience of implementing
recommendations to technical and non-technical audiences. Familiarity with NHS and public sector data protection responsibilities (e.g. NHS Data Security Standards, GDPR, DSP roles). Experience participating in security incident response, post-incident reviews, and technical root cause analysis. Knowledge of identity and access management, security logging/monitoring, and asset/information classification. Strong documentation skills
Buckinghamshire, England, United Kingdom Hybrid / WFH Options
X4 Technology
and overall security performance. Support compliance efforts across frameworks including Cyber Essentials, ISO 27001, GDPR and DPA. Lead the vulnerability management programme, advising IT on remediation strategies. Oversee security incident monitoring and response in coordination with the SOC team. Design and implement an effective identity and access management (IAM) process and own access control across all systems. Required … application of security frameworks and standards including CIS, ISO 27001/27002, GDPR, DPA, and Cyber Essentials. Proven experience managing or working closely with Security Operations Centres (SOC), including incident response and threat detection. Demonstrable background in implementing and running vulnerability management programmes, with experience using industry-standard tooling. Experience designing, deploying, and managing Identity and Access Management
Aldershot, Hampshire, South East, United Kingdom Hybrid / WFH Options
JLA Resourcing Ltd
and infrastructure environments—most notably AWS. Your role will be pivotal in ensuring the secure delivery of new systems into live service, as well as ongoing protection, compliance, and incident response. You will: Own the vulnerability management strategy across platforms, leading scanning, remediation, and reporting activities Design and enforce endpoint security policies, access controls, and malware protections Lead incident identification and response efforts, ensuring swift containment and root cause analysis Oversee system hardening and compliance with industry standards (CIS, STIG, NIST) Contribute to strategic security planning and advise engineering and programme leadership on cyber risks Provide oversight and review of technical documentation, ensuring quality and audit readiness Represent cyber security in high-level programme planning and governance … endpoint protection, and vulnerability management Strong working knowledge of compliance frameworks and standards (CIS, STIG, NIST, Government Functional Standard 007) Proven ability to lead security planning, risk assessments, and incident response activities Excellent documentation, communication, and collaboration skills Eligibility for DV (Developed Vetting) clearance Experience leading or mentoring engineering teams and influencing security posture across a programme or
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Pertemps
defences by maintaining and optimising security operations tools and processes. You'll focus on monitoring, analysing, and responding to cyber threats, while supporting the SOC team and ensuring effective incident management across the business. Your role will involve collaborating with technology and business stakeholders, investigating security alerts, enhancing tooling performance, and supporting the delivery of continuous improvement and risk … to readiness for significant incidents and play a key role in proactive threat hunting and compliance reporting. What you'll be doing as a Senior Cyber Security Analyst: Security Incident Response: Investigate security alerts from SIEM and third-party MSSPs, triage and respond to incidents, and support root cause analysis to drive remediation. Stakeholder Engagement: Work closely with … alert tuning and automation. SOC Support & Escalation: Act as a key contact and escalation point for the SOC team, providing guidance and mentoring to support operational effectiveness. On-Call & Incident Readiness: Participate in a 24/7/365 on-call rota with MSSP partners, supporting out-of-hours investigations and maintaining incident readiness. Threat Hunting & Continuous Improvement
Nottingham, Nottinghamshire, United Kingdom Hybrid / WFH Options
Commify Group
passionate innovators. Our objective remains unwavering: to elevate business communication to new heights. With ambitious growth plans, we aim to expand our already impressive range of products. The Incident Manager plays a pivotal role in developing and maintaining robust incident management processes throughout our organisation. This position goes beyond merely implementing best practices; it encompasses taking the helm … across various platforms and regions, championing continuous improvement through in-depth Root Cause Analysis (RCA) and swift resolution of actions. The Role: Drawing on your previous experience in implementing incident management processes, you'll be responsible for shaping and enhancing our current framework, collaborating with stakeholders across the organisation to optimise our approach to live incident management. You … the prioritisation of tasks in Engineering and TechOps teams aimed at resolving root cause issues and enhancing service delivery. Your mission is to empower the business to elevate its response, reaction, and resolution strategies for major incidents, leading to improvements in our software, customer experience, and communication. Incident Management Process Implementation: Create and implement a resilient incident
Florissant, Missouri, United States Hybrid / WFH Options
Centene
insider threats, lateral movement, and account compromises. Data Integration: Collect and integrate data from multiple sources, including SIEMs, authentication logs, endpoint systems, and network devices, to enrich security analytics. Incident Investigation: Provide in-depth analysis and investigation of alerts triggered by anomalous behavior. Incident Response Support: Provide expert guidance and technical analysis for security incidents involving anomalous
Columbia, Missouri, United States Hybrid / WFH Options
Centene
insider threats, lateral movement, and account compromises. Data Integration: Collect and integrate data from multiple sources, including SIEMs, authentication logs, endpoint systems, and network devices, to enrich security analytics. Incident Investigation: Provide in-depth analysis and investigation of alerts triggered by anomalous behavior. Incident Response Support: Provide expert guidance and technical analysis for security incidents involving anomalous
Saint Louis, Missouri, United States Hybrid / WFH Options
Centene
insider threats, lateral movement, and account compromises. Data Integration: Collect and integrate data from multiple sources, including SIEMs, authentication logs, endpoint systems, and network devices, to enrich security analytics. Incident Investigation: Provide in-depth analysis and investigation of alerts triggered by anomalous behavior. Incident Response Support: Provide expert guidance and technical analysis for security incidents involving anomalous
St. Louis, Missouri, United States Hybrid / WFH Options
Centene
insider threats, lateral movement, and account compromises. Data Integration: Collect and integrate data from multiple sources, including SIEMs, authentication logs, endpoint systems, and network devices, to enrich security analytics. Incident Investigation: Provide in-depth analysis and investigation of alerts triggered by anomalous behavior. Incident Response Support: Provide expert guidance and technical analysis for security incidents involving anomalous
Jefferson City, Missouri, United States Hybrid / WFH Options
Centene
insider threats, lateral movement, and account compromises. Data Integration: Collect and integrate data from multiple sources, including SIEMs, authentication logs, endpoint systems, and network devices, to enrich security analytics. Incident Investigation: Provide in-depth analysis and investigation of alerts triggered by anomalous behavior. Incident Response Support: Provide expert guidance and technical analysis for security incidents involving anomalous
Kansas City, Missouri, United States Hybrid / WFH Options
Centene
insider threats, lateral movement, and account compromises. Data Integration: Collect and integrate data from multiple sources, including SIEMs, authentication logs, endpoint systems, and network devices, to enrich security analytics. Incident Investigation: Provide in-depth analysis and investigation of alerts triggered by anomalous behavior. Incident Response Support: Provide expert guidance and technical analysis for security incidents involving anomalous
Chelmsford, Essex, South East, United Kingdom Hybrid / WFH Options
Keystream Group Limited
local government. To read more about our business area, please visit Corporate Services and Transformation Key Responsibilities: Lead and develop an active Security Operations team focused on threat detection, incident management, and prevention of data breaches or service disruptions. Build and mature the Security Operations Centre (SOC) with a focus on cyber risks, threat intelligence and proactive incident avoidance. Oversee the council's response to critical cyber incidents, coordinating resolution efforts and informing senior stakeholders. Collaborate with security architects and technical teams to shape and implement cyber security policies, ensuring they're risk-appropriate and business-friendly. Manage cyber security risks by embedding them into the corporate risk register and advising on appropriate mitigation strategies. Oversee the planning … cyber security trends, threats, tools, and protocols - demonstrable vendor-agnostic technical appreciation of both defensive and offensive Cyber Security with focus on Microsoft security competencies. Strong experience in leading incident response, technical investigations, and high-pressure decision-making. Excellent communication skills with the ability to influence and collaborate at all organisational levels. Strategic thinking with a focus on